Date: Fri, 24 Apr 1998 22:13:21 -0500 From: David Kelly <dkelly@hiwaay.net> To: freebsd-security@FreeBSD.ORG Subject: Re: Symlinks again... Message-ID: <199804250313.WAA27684@nospam.hiwaay.net> In-Reply-To: Message from Niall Smart <rotel@indigo.ie> of "Fri, 24 Apr 1998 21:25:38 -0000." <199804242025.VAA00581@indigo.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
Niall Smart writes:
>
> The code is still wrong though, an account is compromisable. I
> would submit a PR. mktemp(1) should be ported to -stable to make
> fixing/avoiding this type of thing easier. Any takers?
It appears mktemp made it into RELENG_2_2 recently (I don't know how to
ask CVS yet). So maybe all that's left to do is fold it into the right
places?
nospam: {463} which mktemp
/usr/bin/mktemp
nospam: {464} uname -a
FreeBSD nospam.hiwaay.net 2.2.6-STABLE FreeBSD 2.2.6-STABLE #0: Mon Apr 20 20:49:10 CDT 1998 root@nospam.hiwaay.net:/usr/src/sys/compile/PPRO200 i386
nospam: {465} whereis mktemp
mktemp: /usr/bin/mktemp /usr/share/man/man1/mktemp.1.gz /usr/src/usr.bin/mktemp
nospam: {466} ls -l /usr/src/usr.bin/mktemp
total 12
drwxr-xr-x 2 root wheel 512 Apr 21 21:05 CVS/
-rw-r--r-- 1 root wheel 121 Apr 18 05:56 Makefile
-rw-r--r-- 1 root wheel 5629 Apr 18 05:56 mktemp.1
-rw-r--r-- 1 root wheel 3784 Apr 18 05:56 mktemp.c
nospam: {467}
--
David Kelly N4HHE, dkelly@nospam.hiwaay.net
=====================================================================
The human mind ordinarily operates at only ten percent of its
capacity -- the rest is overhead for the operating system.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804250313.WAA27684>